The descripton for CVE-2022-22536 states: SAP NetWeaver Application Server ABAP, SAP NetWeaver Application Server Java, ABAP Platform, SAP Content Server 7.53 and SAP Web Dispatcher are vulnerable for request smugglingand request concatenation. An unauthenticated attacker can prepend a victim's request with arbitrary data. This way, the attacker can execute functions impersonating the victim or poison intermediary Web caches. A successful attack could result in complete compromise of Confidentiality, Integrity and Availability of the system.
There are two attack signatures that will protect against request smuggling: * Signature ID: 200018085, Request Smuggling Attempt (CR Before CL Header) * Signature ID: 200018086, Request Smuggling Attempt (SP/CL after Header)
I didn't see anything in the Threat Campaign signatures yet.
Bot Signatures: Class of signatures that identify legitimate or malicious web robots by looking for specific patterns in the headers of incoming HTTP requests. With the release of BIG-IP 14.1.0, this feature requires a separate license. Bot signature updates are part of the Threat Campaigns subscription-based service license. Without a Threat Campaigns license, bot signatures cannot be updated using manual or automatic updates; however, you can still add custom bot signatures.
EDIT: Now there is also an Attack Signature that was added on 15. February 2022. Signature ID: 200020213 Name: SAP NetWeaver request smuggling